﻿using System;
using System.Data;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using EKETEAM.FrameWork;
using EKETEAM.Data;

namespace EKECMS.Controls
{
    public partial class Message : System.Web.UI.UserControl
    {
        protected void Page_Load(object sender, EventArgs e)
        {
            Response.Charset = "UTF-8";
            if (HttpContext.Current.Request.QueryString["id"] == null) return;
            if (Request.Form["act"] != null)
            {
                #region 安全性检查
                if (Request.UrlReferrer == null) Response.End();
                if (Request.Url.Host.ToLower() != Request.UrlReferrer.Host.ToLower() || Request.Url.Port != Request.UrlReferrer.Port) Response.End();
                #endregion
                if (Session["Plugins_RndCode"] == null)
                {
                    Response.Write("<script>alert('验证码超时！');history.back();</script>");
                    Response.End();
                }
                if (Session["Plugins_RndCode"].ToString() != Request.Form["yzm"].ToString())
                {
                    Response.Write("<script>alert('验证码不正确！');history.back();</script>");
                    Response.End();
                }

                eTable tb = new eTable("eWeb_Messages");
                tb.Fields.Add("SiteID", eBase.getWebSiteID());
                tb.Fields.Add("WebCode", eBase.getWebCode());
                tb.Fields.Add("ColumnID", eParameters.QueryString("ID"));

                if (eParameters.QueryString("PID").Length > 0)
                {
                    tb.Fields.Add("ClassID", eParameters.QueryString("PID"));

                }

                tb.Fields.Add("WM", eParameters.Form("f1"));
                tb.Fields.Add("DH", eParameters.Form("f2"));
                tb.Fields.Add("YX", eParameters.Form("f3"));
                tb.Fields.Add("BT", eParameters.Form("f4"));
                tb.Fields.Add("NR", eParameters.Form("f5"));

                tb.Add();
                Response.Write("<script>alert('您的留言成功提交，感谢您对我们的支持!留言内容需要经过审核才能显示，请耐心等待。');document.location='" + Request.ServerVariables["HTTP_REFERER"].ToString() + "';</script>");
                Response.End();
            }
        }
    }
}